package com.yummy.web.security.filter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import com.yummy.convention.exception.BusinessException;
import com.yummy.convention.http.DefaultResponseCode;
import com.yummy.web.security.config.FilterPattern;
import com.yummy.web.security.context.RequestContext;
import com.yummy.web.security.context.Session;

public class PrincipalIndentificationFilter extends AbstractSecurityFilter {

	public PrincipalIndentificationFilter(FilterPattern filterPattern) {
		super(filterPattern);
	}

	@Override
	protected void sendAccessDenied(ServletRequest request, ServletResponse response) {
		throw new BusinessException(DefaultResponseCode.UNLOGINED.getCode(),DefaultResponseCode.UNLOGINED.getMsg());
	}

	@Override
	protected boolean accessAllowed(ServletRequest request, ServletResponse response) {
		Session session = RequestContext.getSession();
		return !(session == null || !session.isLogin());
	}
	
	protected boolean shouldFilter(ServletRequest request, ServletResponse response) {
		boolean flag = super.shouldFilter(request, response);
		if(!flag) {
			request.setAttribute(RequestContext.NEED_LOGIN, false);
		}
		return flag;
	}
}
